How to block attacks in the era of big models? A cybersecurity company breaks through the difficulties of "linked defense + big model security"

Written by
Jasper Cole
Updated on: June-28th-2025
Recommendation

Challenges and coping strategies for network security in the era of big models.

Core content:
1. Security challenges and corporate dilemmas brought about by the era of big models
2. The dual role of AI technology as a power source and a source of risk
3. AsiaInfo Security's innovative practices and industry impact in the field of big model security

Yang Fangxian
Founder of 53AI/Most Valuable Expert of Tencent Cloud (TVP)


On May 24, 2025, the C3 Security Conference, a heavyweight summit in domestic cybersecurity, was held at the Nanjing Yangtze River International Conference Center, where more than 2,000 participants gathered to discuss security changes in the AI era. Participants generally felt that the information security challenges faced by enterprises are more complex, systematic and urgent than ever before.


" We deployed DeepSeek this year. Is it safe enough with a firewall? " asked an enterprise IT manager in the exhibition area. Another enterprise information director admitted that with the deepening of digital transformation, the risk exposure of enterprises has significantly expanded. Attacks are no longer limited to data centers, but have penetrated three-dimensionally in the cloud, edge, and end . In the past six months alone, the enterprise has encountered multiple "Silver Fox" phishing attacks on the end side, each of which is accompanied by the potential risk of financial loss.


In fact, every discussion at the conference reflects the real dilemma of enterprises in the AI era. In 2025, the industry is standing at a historic turning point. Artificial intelligence is reshaping business and infrastructure at an unprecedented speed, while also giving rise to unprecedented security threats. Artificial intelligence, especially large models, is becoming a new entry point for attackers to focus on; at the same time, it is used as a weapon by attackers to accelerate the creation of the next generation of security attacks.


We are entering the era of "two-way fission". Last year, AsiaInfo Security released its self-developed big model and proposed the concepts of "AI for Security" and "Security for AI". This year, in the face of the increasing demand for digital intelligence transformation and the continuous evolution of threat attacks, it has once again been confirmed that emerging technologies represented by AI are not only a source of power, but also a source of risk; security is not only a guardrail, but also a driving force for the development of digital intelligence.



The integration of digital intelligence and security is driving the entire cybersecurity industry into a new round of strategic redefinition.


01


AI enters the deep water zone, and security is undergoing "two-way fission"



"Not long ago, we encountered a large-scale attack on large model services." A leading large model service provider said in a meeting. In fact, Digital Intelligence Frontline learned that almost all large model companies have encountered various attacks in the past period of time.



In the "Peak Dialogue" session of the C3 main meeting, when talking about the escalating security issues under the digital intelligence transformation, relevant experts said: "Attacks on large models are more covert. Through carefully designed prompts or questions, the model is constantly outputting content, consuming reasoning computing power, and ultimately affecting the core business of the enterprise." Another type of attack on large models is closely related to user privacy and data. For example, the "large model cockpit" service of new energy vehicles may leak user privacy under attack.


Fu Wei, Vice President of AsiaInfo, said in the conversation that the security of large models is becoming a core issue of concern to enterprises, and it is also a very complex technical challenge. AsiaInfo has delivered hundreds of large model projects. Currently, many customers are still in the PoC stage. When large-scale implementation is carried out, security issues will become more acute.


In fact, according to Li Zhuo, founder and CEO of AI security company Hydrox AI, about 76% of large companies in the world have deployed large models. At the same time, the losses caused by AI security soared from US$8.5 billion to US$14.3 billion in 2024, and are expected to exceed US$23.5 billion this year.


What’s more serious is that AI itself is being “weaponized”.


Attackers are using AI to greatly improve efficiency, making attacks more accurate, fast and scalable. "If defenders want to build an intelligent defense line, it is not only technically difficult, time-consuming and costly. In reality, there is a greater time difference between offense and defense." Wei Liang, deputy director of the China Academy of Information and Communications Technology, said that in the era of intelligence, the asymmetry of network security offense and defense is more prominent.


Attackers can use models to generate attack scripts for 0day and Nday vulnerabilities and write phishing emails. The mutation rate of AI attacks has also soared to "93% every 24 hours", making it difficult for traditional defense methods to adapt, and delayed response has become a common phenomenon.


" The problem is that we don't really use AI to fight AI ." Wu Xiangning, senior vice president and CDO of AsiaInfo Security, analyzed that now attackers only need 48 minutes on average to break into the target device .


What is alarming is that although Chinese companies have deployed an average of 45 security products in the past 10 years, the effect has not improved as fast as expected. The lack of coordination between devices has formed "defense islands". This has forced companies to reconstruct their defense ideas. Wu Xiangning concluded that the era of single-point defense has ended, and the AI-native-driven linkage defense system is the best solution to modern attacks.


A video played at the conference also provided a vivid analogy. Recently, the Pakistani military shot down several Indian fighter jets in air combat, and Pakistan suffered no damage. The key lies in data connectivity and linkage coordination systems. On the other hand, the Indian military has no advantage despite its advanced weapons due to the lack of information sharing and coordination between equipment from multiple countries. The evolution of network security is also very similar. Attacks are no longer limited to a single point, and the stacking of security equipment can no longer resist this "systematic attack."


In terms of response, AI is becoming a key technology path. AI can be used for core tasks such as threat traffic analysis, alarm noise reduction, attack source tracing, and unknown vulnerability identification. Practice has shown that AI analysis can reduce log alarm noise by more than 90%, and compress security response from "hours" to "minutes". More importantly, AI is being fully integrated into security systems to build systematic defense. This allows the industry to move from "rule-driven" to "intelligent-driven" and from single-point defense to intelligent linkage.



02 


Attack and defense in the digital era drive systemic upgrades in security



At this year's C3 Security Conference, AsiaInfo Security officially launched a new generation of strategic product, AsiaInfo's Connected Defense System (AI XDR), which aims to solve a current problem in the industry: in the face of rapidly evolving and ubiquitous threats, how can security defense shift from stacking to linkage, intelligence, and systematization?



"We cannot simply view AI XDR as an upgrade of XDR," said Wu Xiangning. XDR (Extended Detection and Response) was first proposed by AsiaInfo Security in 2018. Its goal is to integrate data from different security levels of cloud, network, and terminal to achieve detection and protection of everything .


However, in practice, due to the technical and cognitive limitations at the time, XDR development gradually drifted toward being a "platform tool": a unified data collection, analysis, and management platform that lacked real combat command capabilities. AI XDR should be like a commander. Its design must be centered on the customer's actual combat threats, and it must form an intelligent closed loop around "discovery-analysis-disposal" to truly help customers reduce threats and fight attacks. This is a paradigm shift.


To achieve this transformation, AsiaInfo's AI XDR defense system has undergone a fundamental innovation in its architecture design. It is no longer a patchwork combination of "platform + product plug-in", but a native integrated product. Each sub-product is broken down into "atomic capabilities", which are uniformly scheduled by the platform and combined into scenario-based solutions.



In order to advance this concept, the company has also made organizational changes: the product line focuses on "capability production", while the platform is responsible for integration and integrated delivery.


In terms of delivery form, AI XDR is currently mainly deployed locally, delivered to customers through an integrated platform plus an atomic probe, and customized according to different scenarios. "In the future, the delivery form will definitely move towards SaaS," Wu Xiangning emphasized. He gave the example that overseas customers now need unified management across platforms and regions, and only the SaaS business model can work. At this meeting, AsiaInfo Security and China Unicom announced a cooperative project "Lianxin", in which AI XDR will be implemented on the customer side in a SaaS manner.


At the booth, many enterprise IT professionals asked how AI XDR can be implemented. AsiaInfo Security believes that the first task is to "take stock of the assets". Many enterprises do not know all their digital assets and lack the ability to identify high-risk points. A "comprehensive scanning" of assets, using both traditional and AI security technologies, can enable enterprises to achieve more accurate risk response. "Try first and advance step by step." The head of AsiaInfo Security AI XDR added that enterprises could first conduct a pilot in a local data center.


AI XDR's "intelligent linkage" relies on three major elements: threat detection is the foundation, linkage disposal is the core, and threat tracing is the advanced stage. Currently, in the pilot sites, AI XDR has achieved a 3.4-fold increase in efficiency in threat alert noise reduction, a 7.5-fold increase in threat detection capability, and a 4.8-fold increase in disposal efficiency.


Behind the product is the accumulation of technology. AsiaInfo Security AI XDR has three characteristics: a strong XDR foundation, especially NDR (network detection and response) and EDR (endpoint detection and response) capabilities; data-driven and AI-enabled; and AI XDR can reversely empower NDR and EDR, forming a positive cycle of product-data-product. If the detection engine or atomic capabilities are not strong enough, there is no qualification to talk about AI XDR. The launch of AI XDR is closely .


In the process of research and development, AI must also be deeply integrated with security scenarios. "One idea we want to convey is that AI is not just a shallow cloud security operation assistant, but should be embedded in the core engine, rules, and products of the security system." Yang Ting, chief scientist of artificial intelligence at AsiaInfo Security, said that AsiaInfo Security has launched the security big models "Trust Cube" and "Trust Intelligence Cube". For example, "Trust Intelligence Cube" may not be visible to customers, but by empowering the core system, it actually improves security protection and allows customers to clearly perceive it.


Digital Frontline learned that central state-owned enterprises, emerging industries, high-end manufacturing and other industries are the earliest areas where AI XDR will be implemented.


The concept of AI XDR also resonated with customers. At the conference, many IT managers expressed their concern about AI XDR. Enterprises generally face challenges such as multiple devices, fragmented systems, and difficulty in security collaboration.


Li Futao, director of the digital transformation department of TCL Technology Group and general manager of the IT shared service center, said that the home appliance industry has hundreds of millions of users and needs to establish a complete information security defense system. "Now each company has an average of 45 security devices stacked up. Entering the next stage, we need a comprehensive security system that fully connects the cloud, network, and terminal," said Li Liang, head of the Shenzhen National Gene Bank Information Database.



03


Protecting the company's "big model assets"



"Digital construction, including large models, has just begun to be applied, and companies have already considered security issues. I think this is an important conceptual progress," said Wu Xiangning.


In the process of implementing large models with customers, the industry has found that security issues related to large models span multiple dimensions, from GPU cards, protocols, networks, to large model entities, intelligent agents, business scenarios and data, almost covering everything.


How can enterprises ensure security when using big models? At the booth, AsiaInfo Security also demonstrated the "4+2" big model security solution. It builds four major security protection systems from the bottom to the top:


Among them, the bottom infrastructure layer ensures the security of the operating environment of the large model; the model layer above it focuses on security assessment and compliance control of the model itself; the tool layer deploys "protection sentinels" between users and models to identify malicious prompts and sensitive outputs; the top application layer focuses on external risk identification and protection of AI application systems. In addition, "2" combines AsiaInfo Security's business accumulation and AsiaInfo Technology's practical experience in large model projects to achieve closed-loop optimization of the entire chain of the large model life cycle.


From an architectural perspective, big model security and traditional network security are similar in that both cover the hardware layer, driver layer, operating system layer, application layer, and business layer. However, big model security has unique features that traditional network security does not have.


"For example , there are hallucination problems caused by large models, data leakage problems caused by large models, and attacks against large models such as prompt injection, deep fakes, target hijacking, and role-playing ." Yang Ting of AsiaInfo Security said, "By deeply understanding the technical principles of large models, we can design targeted defense mechanisms, and these are the key factors that need to be considered when building an overall security solution for large models."


" The key to defense must be to improve the weakest link , because the attack must be launched against the weaknesses of our defense system," she added.


In his speech at the conference, Li Zhuo of Hydrox AI proposed that large model security should be implemented throughout the entire development cycle, such as data screening, data poisoning detection, adversarial training, feedback mechanism and dynamic intervention in the training phase. These early interventions are less costly and more effective. After going online, there should be a corresponding dynamic defense mechanism to address the high mutation rate of large model attacks.


From the perspective of application implementation, different industries have similar emphases on the security of large models. In the Internet field, AI agents are developing rapidly and are being put online at a fast pace. After integrating traditional security and AI security, companies expect to reduce security incidents while significantly shortening the AI application approval and delivery cycle. In the manufacturing industry, companies are more concerned about how to improve production efficiency and reduce security incidents without affecting production continuity. In the financial field, risk control systems are what users are most concerned about.


Security itself is similar to a "cat and mouse game". According to relevant data, the evolution of big model security over the next ten years is predicted as follows. From 2025 to 2027, the industry's cognitive security paradigm will gradually mature, security and model architecture will be deeply integrated, and protection capabilities and model functions will no longer be in opposition. From 2028 to 2030, it will enter the "self-supervisory security system" stage, and AI systems may gradually develop self-protection awareness. After 2030, the boundary between intelligence and security will be completely blurred, and security will become part of model intelligence.


In the process of AI deeply reshaping the industry, security is not a supporting role, but the foundation that determines the quality and speed of AI development. Whether it is "AI for Security" or "Security for AI", this paradigm shift has just begun.